North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Dumb users spread viruses
On Sun, 8 Feb 2004, Paul Vixie wrote: > The puzzling thing about this is the basic assumption (by the author of > the article) that computers are fragile and infection-prone and that users > who don't know how to protect them are somehow part of the problem. The way corporations "solve" the problem is take away all privileges from end-users. End-users can't install software, can't make changes to the system configuration, can't connect to unapproved systems. IT support in most corporations cost more per seat than the average home user pays for Internet access. In 1998, the concept of Web Appliances was the rage. Most users of the Internet use e-mail and the web. Web appliances eliminated 90% of the bloat of Windows, and only provided the few functions most people use. They didn't even have anti-virus, because they didn't need it. The market decided secure (limited) web appliances weren't desired by the purchasers of computers. > In this past year's tour of my friends and family, I've taken to removing > their antivirus software at the same time I remove their spyware, and I've > taken to installing Mozilla (with its IMAP client) as a way to keep the > machine from having any dependency on anti-virus software. IT managers are > encouraged to consider a similar move next time they're asked to approve > the renewal costs of a campus-wide anti-virus license. Next year, whe you tour your family and friends, how many will have re-installed programs which included spyware as well as saving and running viruses delivered through the e-mail. > There is nothing wrong with a user who thinks they should not have to know > how to protect their computer from virus infections. If we (the community > who provides them service and software) can't make it safe-by-default, then > the problem rests with us, not with the end users. Every computer sold in the US is safe by default. It is powered off, disconnected, in a factory sealed box :-) The problem is only partially technical. I used to do public access kiosks and never had virus problems with millions of users every year. But you couldn't save, alter or run any unauthorized programs on any of the public access kiosks either. No Microsoft Word, no KaZaA, no Instant Messenger, no Gator, no Weatherbug, no Real Player, etc. Unfortunately, people want to install arbitrary software on their computers and are willing to bypass every control to do it.